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Fw: IPSec vs. SSL 



• To: < ipsec@lists.tislabs.com > 

• Subject: Fw: IPSec vs. SSL 

• From: "Venkat RK Reddy" < vpothams@cisco.com > 

• Date: Mon, 18 Dec 2000 16:19:56 -0800 

• Sender: owner-ipsec(g),lists.tislabs.com 



IPSec's advantage over SSL: It has more flexibility on choosing the authentication mechanisms (like the 
PreSharedKey), and therefore makes it difficult for the attacker to do man in the middle. SSL is based only on 
public key and with tools (like dsniff2.3) t its possible to do man in the middle breaking SSL. 

SSL's advantage over IPSec: In SSL, the client and the server exchage * hash * over the "initial handshake" and 
therefore is difficult for an attacker to control (change the proposals that the client has sent so that the server 
chooses the proposals that attacker sends or whatever) the main mode "initial" handshake. 

More discussion on this would be enlightening and appreciated. 



Original Message — 

From: Tim Lee 

To: ipsec@lists.tislabs.com 

Sent: Saturday, December 16, 2000 5:30 PM 

Subject: Re: IPSec vs. SSL b 

Are there any situations where it is useful to have IPSec in addition to SSL? 



Follow-Ups: 

• Re: Fw: IPSec vs. SSL 

o From: Rick Smith at Secure Computing <rick_smith@securecomputing.com> 



• Prev by Date: Re: IPSec vs. SSL 

• Next by Date: Re: Fw: IPSec vs. SSL 

• Prev bv thread: Re: IPSec vs. SSL 

• Next by thread: Re: Fw: IPSec vs. SSL 

• Index(es): 

o Main 
o Thread 



http://www.sandelman.ottawa.on.ca/ipsec/2000/12/msg00061.html 
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